Password manager

What's Sup Forums's approved password manager?

a piece of paper inside my wireless mouse's battery compartment

Dashlane

Try neurons, it's pretty good. Open source, but very hard to read due to incredible amount of connections.

in the middle of some personal word document, where you are sure you wont accidently send them to anyone.

dotfiles

Google Drive

Lastpass

In b4
>b-b-but muh plain text emails

Keepass

Your head

This

I'll echo this. Keepass2droid is nice too, since most likely you'll want to use your password manager on your phone and desktop.

keepass2 works on win and linux and its great.

>use your password manager on your phone
enjoy having cia niggers steal your master password
you should really not have it on the phone
indeed, not ever using login based services on your phone

import base64
import hashlib

user = input('Username> ')
domain = input('Domain> ')
n = int(input('n> '))
mpw = input('Master Password> ')


pw = base64.b64encode(hashlib.pbkdf2_hmac(
'sha256',
(mpw + user + domain).encode(),
b'',
100000 + n
)).decode()[0:16] + 'Aa$1' # add Aa$1 to deal with pw rules
print(pw)


storing them is the wrong way.

this is a decent solution desu i used similar technique before like
#!/usr/bin/env bash

pass="$1"
for i in `seq 1 100`;
do
pass="$(echo "$pass" | md5sum)"
done
echo "$pass"

Isn't md5 bad for storing?

the good ol' noggin. anything else is retard/nigger tier

What the hell is this? You run some paraphrase 100 times through md5? For what purpose? If it's to create a password, then you should use /dev/*random.

you have the wrong idea

./pass "exhentai"

would echo the password used for exhentai and so on

Keep Ass.

Go ahead and store your database in the cloud to use it on mobile devices.

Whether or not you decide give away your master pass like a retard is up to you.

brain

I'm pretty happy with pass. Simple and works with tools you already use

Your brain

>not using the same password for everything

No, it will echo the passed string mangled 100 times through md5 - utterly worthless, and entirely predictable. That's not a secure password, you imbecile.

>No, it will echo the passed string mangled 100 times through md5
and thats the password nigger
you can run it 132 times or some shit if you want to have more of le edge unpredictable
or even mix and match with shasum or some other shit
it is still a 32 character password and would take a very long time to brute force

this desu

>it is still a 32 character password and would take a very long time to brute force
No, because all an attack vector has to assume is a few generic keywords, like the title of the site as in your example, and run the string through a few hashing functions. This method would yield results to your passwords far faster than pure brute force. The entropy of a given string does not increase when hashed, and 100, 200, even thousands of runs of md5sum cost nothing to try. You're an idiot, and I recommend you look into a password manager which will store truly random and secure passwords for you, such as those generated from /dev/urandom.
This is a random, secure password
LC_ALL=C tr -dc '[:graph:]' < /dev/urandom | head -c ${1:-16}; echo
md5sum

My brain.

Use bcrypt.

Um user, I don't think the CIA is really interested in my password..

>not having a secure enough PC to just keep them in a plain text file

sure whatever you think
its not meant to be secure enough for cp, but generally a simple way to keep decently secure passwords which are easy to "remember" and reproduce
also i dont use this, i use keepassx since last year

People can't read my handwriting so I wrote them down on a piece of paper

Keep them in your brain you troglodyte.

>just letting a shady site you create an account on get access to all of your accounts on other websites

Keepassxc is good too for a more native linux experience, also has keepasshttp built in so you can use addons like passlfox in the browser.

We should really get rid of passwords and use public key authentication or something instead.

>Doesn't follow my gtk theme
Dropped

This. Passwords generated on keepass for every account.

Set the qt theme to your gtk theme.

This
Passwords.txt on my Desktop, machine veracrypted

>using passwords at all

Why are you doing illegal things with your computing devices? That's not okay

Fuck off, negligent retard

KeepassX

KeepAssXC

if it's stored in the cloud, it's ephemeral and insecure.

>uses gtk meme
kek

>if the attacker knows the exact method and parameters used to derive the password, they can get the password faster than brute forcing

No shit. But they don't know those things, and a remote attacker with no contact to the user has no way of finding that out.

...

>Sup Forums's approved
>frogposter
recipe for a shit thread
get the fuck out already, how many times do we need the same thread?

Password crackers guess these kinds of things.

People are much stupider than they think they are, everyone has thought of "clever" tricks like hashing with MD5 or using keyboard patterns, including the people who write crackers.

sticky note on monitor bezel

Sally will look in the box of course, because the basket cover doesn't bulge anymore

My head. Something like:

?Insufficient.facts?4lwaysinviteDanger0!

Easy to remember the syntax, words, punctuation and letters. Try that with any other 40 character passwords. In addition, this is nigh impossible to automate with any rainbow tables, wordlist tools etc. Even if you knew I used star trek quotes for my passwords, the possible permutations based on punctuation out of those 35-40 characters makes it again, nigh impossible to crack.

You fags using shit like lastpass with those shit ass passwords are plebs.

enpass

ok, now do it 100 times

So you're one of those guys who uses a single password for everything?

Good thing no database storing passwords was ever hacked.